• Title/Abstract/Keywords: Legitimate transactions

40 search results (processing time: 0.031 s)

A Physical-layer Security Scheme Based on Cross-layer Cooperation in Dense Heterogeneous Networks

  • Zhang, Bo;Huang, Kai-zhi;Chen, Ya-jun
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 12, No. 6 / pp.2595-2618 / 2018
  • In this paper, we investigate secure communication in the presence of multiple eavesdroppers (Eves) in a two-tier downlink dense heterogeneous network with one macrocell base station (MBS) and multiple femtocell base stations (FBSs). Each base station (BS) serves multiple users, and the Eves attempt to wiretap a macrocell user (MU). To keep the Eves ignorant of the confidential message, we propose a physical-layer security scheme based on cross-layer cooperation that exploits interference in the considered network. Under constraints on the quality of service (QoS) of the other legitimate users and on transmit power, the secrecy rate of the system is maximized by jointly optimizing the beamforming vectors of the MBS and the cooperative FBSs. We study the secrecy rate maximization problem in both the non-colluding and the colluding Eves scenarios. First, in the non-colluding Eves scenario with perfect channel state information (CSI), we approximate the original non-convex problem by a few semi-definite programs (SDPs), using the semi-definite relaxation (SDR) technique and conservative convex approximation. We then extend the framework to the imperfect CSI case and use Lagrangian dual theory to handle the uncertain constraints on CSI. Second, in the colluding Eves scenario, we transform the original problem into an equivalent two-tier optimization problem. The outer-layer problem is a single-variable optimization problem that can be solved by one-dimensional linear search, while the inner-layer problem is transformed into a convex SDP using the SDR technique and the Charnes-Cooper transformation. In the perfect CSI case of both scenarios, we prove that the SDR relaxation is tight and analyze the complexity of the proposed algorithms. Finally, simulation results validate the effectiveness and robustness of the proposed scheme.

Vulnerabilities Analysis of the OTP Implemented on a PC

  • Hong, Woo-Chan;Lee, Kwang-Woo;Kim, Seung-Joo;Won, Dong-Ho
    • The KIPS Transactions:PartC / Vol. 17C, No. 4 / pp.361-370 / 2010
  • OTP (One Time Password) is a user authentication mechanism in which a password is generated for each authentication, which prevents attacks where an attacker intercepts a password in order to masquerade as a legitimate user. OTP can be implemented in H/W or S/W. Token- and card-type OTP, implemented in H/W, is difficult to popularize because of problems with deployment and usability. OTP implemented in S/W on a mobile device or PC has been introduced as a replacement. However, S/W products can become targets of malicious attacks if they have implementation vulnerabilities. In fact, the FSA has said that OTP implemented on a mobile device has implementation vulnerabilities. For OTP implemented on a PC, however, no vulnerability analysis has been reported. In this paper, we therefore present a security review and vulnerability analysis of OTP implemented on a PC.

Implementation and Experimental Results of Neural Network and Genetic Algorithm based Spam Filtering Technique

  • Kim Bum-Bae;Choi Hyoung-Kee
    • The KIPS Transactions:PartC / Vol. 13C, No. 2 / pp.259-266 / 2006
  • As the volume of spam has increased to extreme levels, many anti-spam filtering techniques have been proposed. Among these, machine-learning filtering is one of the most popular. In this paper, we propose a machine-learning spam filtering technique based on the neural network, the genetic algorithm and the $\chi^2$-statistic. The proposed technique is designed to overcome the problems of existing filtering techniques and to achieve high spam filtering accuracy. It is able to classify spam and legitimate email with 95.25 percent and 95.31 percent accuracy. The accuracy of the spam filtering is 7.75 percent and 12.44 percent higher than rule-based filtering and the Bayesian filtering technique, respectively.

Factors affecting social commerce acceptance - Perceived risks and social networking sites (SNS) use -

  • Park, Hansil;Babicheva, Eva;Lee, Kyu-Hye
    • The Research Journal of the Costume Culture / Vol. 26, No. 4 / pp.547-562 / 2018
  • As social media penetrates more deeply into people's everyday lives, social commerce (a type of commerce that combines SNS features with the possibility of commercial transactions) has enjoyed unprecedented growth. Shopping on Facebook is a representative example of a social commerce platform that allows consumers to interact with other users, exchange information and purchase products without leaving a Facebook page. Social commerce presents great opportunities for marketers in terms of leveraging the social aspects of the shopping experience. It also offers large potential for Korean companies to reach various target markets, as well as to establish their presence abroad. Yet acceptance of social commerce as a legitimate shopping channel has been slow, and consumers are still hesitant to shop via Facebook. This study draws on uses and gratification theory and the concept of perceived risk to examine how different motives for SNS use and the associated types of perceived risk can affect purchase intention on the platform. Empirical data from 288 young users of Facebook were analyzed. The findings identified two main motives for SNS use: an information-related motive and a communication-related motive. The information-related motive significantly affected the intention to shop on Facebook, whereas the communication-related motive did not have any significant influence. Risks associated with shopping via Facebook included delivery risk, security risk, social risk and economic risk. Overall, consumers perceived a higher level of security and social risk associated with shopping on Facebook. However, only social risk had a significant negative influence on purchase intention. Awareness and previous experience of buying via a social commerce platform positively affected consumers' purchase intention.

AKA-PLA: Enhanced AKA Based on Physical Layer Authentication

  • Yang, Jing;Ji, Xinsheng;Huang, Kaizhi;Yi, Ming;Chen, Yajun
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 11, No. 7 / pp.3747-3765 / 2017
  • Existing authentication mechanisms in cellular mobile communication networks are realized in the upper layer by employing cryptographic techniques. Authentication data are broadcast over the air in plaintext, enabling attackers to eavesdrop on the entire authentication and obtain some information about the secret key shared between legitimate nodes. Reusing the same secret key for several authentications therefore results in leakage of information about the secret key and a high attacking rate. In this paper, we consider the most representative authentication mechanism in cellular communication networks, Authentication and Key Agreement (AKA), and propose an enhanced AKA scheme based on Physical Layer Authentication (AKA-PLA). Authentication responses generated by AKA are no longer transmitted in plaintext but are masked by wireless channel characteristics, which are not available to adversaries, to generate physical layer authentication responses using a fault-tolerant hash method. The authenticator sets the threshold according to the authentication requirement and channel condition, and then verifies the identity of the requester based on the matching result of the physical layer authentication responses. The performance analyses show that the proposed scheme can achieve a lower false alarm rate and a lower missing rate, which are a pair of contradictions, than traditional AKA. In addition, it is well compatible with AKA.

Semi-fragile Watermarking Scheme for H.264/AVC Video Content Authentication Based on Manifold Feature

  • Ling, Chen;Ur-Rehman, Obaid;Zhang, Wenjun
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 8, No. 12 / pp.4568-4587 / 2014
  • Authentication of videos and images based on their content is becoming an important problem in information security. Unfortunately, previous studies lack consideration of Kerckhoffs's principle in achieving this (i.e., a cryptosystem should be secure even if everything about the system, except the key, is public knowledge). In this paper, a solution to the problem of finding a relationship between a frame's index and its content is proposed, based on the creative utilization of a robust manifold feature. The proposed solution is based on a novel semi-fragile watermarking scheme for H.264/AVC video content authentication. First, the input I-frame is partitioned for feature extraction and watermark embedding. This is followed by temporal feature extraction using the Isometric Mapping algorithm. The frame index is included in the feature to produce the temporal watermark. In order to improve security, the spatial watermark is encrypted together with the temporal watermark. Finally, the resultant watermark is embedded into the Discrete Cosine Transform coefficients in the diagonal positions. At the receiver side, after watermark extraction and decryption, temporal tampering is detected through a mismatch between the frame index extracted from the temporal watermark and the observed frame index. Next, the feature is regenerated through temporal feature regeneration and compared with the extracted feature. This comparison is used to judge whether the extracted temporal watermark is similar to that of the original watermarked video. Additionally, for spatial authentication, the tampered areas are located via a comparison between the extracted and regenerated spatial features. Experimental results show that the proposed method is sensitive to intentional malicious attacks and modifications, whereas it is robust to legitimate manipulations, such as a certain level of lossy compression, channel noise, Gaussian filtering and brightness adjustment. Through a comparison between the extracted frame index and the current frame index, temporal tampering is identified. With the proposed scheme, a solution to the Kerckhoffs's principle problem is specified.

The Classic Security Application in M2M: the Authentication Scheme of Mobile Payment

  • Hu, Liang;Chi, Ling;Li, Hong-Tu;Yuan, Wei;Sun, Yuyu;Chu, Jian-Feng
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 6, No. 1 / pp.131-146 / 2012
  • As one of the four basic technologies of IoT (Internet of Things), M2M technology, whose advance could influence the technology of the Internet of Things, is developing rapidly. Mobile Payment is one of the most widespread applications of M2M. Because Mobile Payment uses wireless networks, the security issues of wireless networks have to be solved. The technologies applied in solutions generally fall into two sorts, encryption mechanisms and authentication mechanisms; the focus of this paper is the authentication mechanism of Mobile Payment. We consider that there are four vital things in the authentication mechanism of Mobile Payment: two-way authentication, re-authentication, roaming authentication and inside authentication. Two-way authentication makes the mobile device and the center system trust each other, and it is the foundation of the other three. Re-authentication re-establishes active communication after the mobile subscriber changes his point of attachment to the network. Inside authentication prevents an attacker who captures the mobile device from obtaining private information by attacking the device. Roaming authentication proves the mobile subscriber's legitimate identity to the foreign agency when he roams into a foreign place, and it can be regarded as the integration of the above three. After simulating our proposed authentication mechanism and analyzing the existing schemes, we conclude that the authentication mechanism based on the four elements described in this paper and the encryption mechanism together establish an integrated security framework for Mobile Payment. This allows the parties to Mobile Payment to use the services that Mobile Payment provides with confidence.

PDF Version 1.4-1.6 Password Cracking in CUDA GPU Environment

  • Hyun Jun, Kim;Si Woo, Eum;Hwa Jeong, Seo
    • KIPS Transactions on Computer and Communication Systems / Vol. 12, No. 2 / pp.69-76 / 2023
  • Hundreds of thousands of passwords are lost or forgotten every year, making necessary information unavailable to legitimate owners or authorized law enforcement personnel. In order to recover such a password, a tool for password cracking is required. Using GPUs instead of CPUs for password cracking makes it possible to quickly process the large amount of computation required during the recovery process. This paper presents an optimized implementation on GPUs using CUDA, with a focus on decryption of PDF versions 1.4-1.6, currently the most popular. Techniques such as eliminating unnecessary operations of the MD5 algorithm, implementing 32-bit word integration of the RC4 algorithm, and using shared memory were used. In addition, autotune techniques were used to search for the number of blocks and threads that affect performance improvement. As a result, we showed throughput of 31,460 kp/s (kilo passwords per second) and 66,351 kp/s at block size 65,536 and thread size 96 in the RTX 3060 and RTX 3090 environments, and improved throughput by 22.5% and 15.2%, respectively, compared to the cracking tool hashcat, which achieves the highest throughput.

E-mail Sending-Server Authorization Method using a Distance Estimation Algorithm between IP Addresses for Filtering Spam

  • Yim Hosung;Shim Jaehong;Choi Kyunghee;Jung Gihyun
    • The KIPS Transactions:PartC / Vol. 12C, No. 5 / pp.765-772 / 2005
  • In this paper, we propose an E-mail sending-server authorization method for filtering spam mail that uses a distance estimation algorithm between IP addresses to check whether the E-mail sending server is registered in, or belongs to, the domain of the mail sender. The method uses the distance between the IP address of the sending server and the IP addresses registered in the DNS to determine whether the E-mail sending server exists in that domain. The experimental result of applying the proposed algorithm to sample E-mails gathered in a large laboratory shows that 88 percent of legitimate E-mails and only 10 percent of spam mails are sent by servers in the same domains as their senders. The algorithm may be used effectively to block spam mails sent by servers outside the domains of the mail senders. It may also be used as a temporary E-mail protection system until the standard E-mail authorization protocol is fully deployed.

Secure Jini Service Architecture Providing Ubiquitous Services Having Persistent States

  • Kim, Sung-Ki;Jung, Jin-Chul;Park, Kyung-No;Min, Byoung-Joon
    • The KIPS Transactions:PartC / Vol. 15C, No. 3 / pp.157-166 / 2008
  • The ubiquitous service environment has poor connection reliability and a high probability of system intrusions and service failures. Therefore, it is very important from a security viewpoint to guarantee that legitimate users can use trustworthy services without discontinuance or obstruction. In this paper, we point out the problems in the standard Jini service environment and analyze the Jgroup/ARM framework, which has been developed to support fault tolerance of Jini services. In addition, on the basis of this analysis, we propose a secure Jini service architecture that satisfies security, availability and quality of service requirements. The proposed architecture is able to protect a Jini system not only from faults such as network partition or server crash, but also from attacks exploiting flaws. It provides a security mechanism for dynamic trust establishment among the service entities. Moreover, our secure Jini service architecture does not incur high computation costs to merge user service states, because replicas are allocated per user session. Through an experiment on a test-bed, we have confirmed that the proposed secure Jini service architecture is able to guarantee the persistence of user service states at a level where the degradation of service quality is negligible.